cbcvebase.
CVE-2024-0136
published 2025-01-28

CVE-2024-0136: NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and…

high8.4CVSS 3.1
AVNACLPRHUIRSCCHIHAH
NVIDIA Container Toolkit contains an improper isolation vulnerability where a specially crafted container image could lead to untrusted code obtaining read and write access to host devices. This vulnerability is present only when the NVIDIA Container Toolkit is configured in a nondefault way. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Affected

4 ranges
VendorProductVersion rangeFixed in
nvidianvidia_container_toolkit< 1.17.31.17.3
nvidianvidia_container_toolkit
nvidianvidia_gpu_operator< 24.9.124.9.1
nvidianvidia_gpu_operator